WebApp Sec mailing list archives
Re: htaccess with apache
From: "Sverre H. Huseby" <shh () thathost com>
Date: Tue, 4 Nov 2003 22:34:20 +0100
[A.D.Douma]
| My question is what else could an attacker do? Would command
| execution be possible?

Sometimes. If the code looks somewhat like this:

  # first get $filename from the arguments. then:
  open(F, $filename);

the attacker could make sure $filename was represented as eg:

  find / -ls |

Note the trailing bar, which instructs Perl to open a pipe from the given command. One should explicitly tell Perl to open a _file_ for reading:

  open(F, "<" . $filename);

In addition, one should of course make sure the filename contains only reasonable characters.

Sverre.

--
shh () thathost com
http://shh.thathost.com/
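Added example, not part of Sverre's post: the two points above (tell Perl it is opening a file for reading, and accept only reasonable file-name characters) written out with Perl's three-argument open(), which takes the mode as a separate argument so nothing in the name can be read as a pipe or mode prefix. The base directory, the whitelist pattern and the sample names are assumptions for illustration.

```perl
#!/usr/bin/perl
# Added example (not from the original post): read a user-supplied file
# name safely instead of passing it straight to two-argument open().
use strict;
use warnings;
use File::Spec;

# Directory the script is allowed to serve from (assumed for this example).
my $BASE_DIR = '/var/www/data';

# Returns the validated absolute path, or undef when the name is rejected.
sub safe_path {
    my ($name) = @_;
    # Allow only a plain file name: letters, digits, dot, dash, underscore;
    # no spaces, no directory separators, no '|', and no leading dot.
    return undef unless defined $name
        && $name =~ /\A[A-Za-z0-9_-][A-Za-z0-9_.-]{0,63}\z/;
    return File::Spec->catfile($BASE_DIR, $name);
}

# Open the file for reading only. In the three-argument form the mode
# ('<') is its own argument, so a trailing '|' or a leading '<'/'>' in
# $path would be treated as part of the file name, never as a pipe or
# redirection.
sub read_file {
    my ($name) = @_;
    my $path = safe_path($name);
    die "rejected file name\n" unless defined $path;
    open(my $fh, '<', $path) or die "cannot open $path: $!\n";
    local $/;                 # slurp the whole file
    my $content = <$fh>;
    close($fh);
    return $content;
}

# Constructed inputs: a normal name, the pipe trick from the post, and a
# directory-traversal attempt. Only the first passes the whitelist.
for my $name ('report.txt', 'find / -ls |', '../../etc/passwd') {
    my $verdict = defined safe_path($name) ? 'accepted' : 'rejected';
    printf "%-20s %s\n", "'$name'", $verdict;
}
```

The whitelist, not the open() mode, is what stops the traversal case; the three-argument open() closes the pipe case even if a stray character slips through.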
Current thread:
- htaccess with apache Hans Mueller (Nov 04)
- Re: htaccess with apache David Precious (Nov 04)
- Re: htaccess with apache Graham Lally (Nov 04)
- Re: htaccess with apache Tim Greer (Nov 04)
- Re: htaccess with apache A.D.Douma (Nov 04)
- Re: htaccess with apache Tim Greer (Nov 04)
- Re: htaccess with apache Sverre H. Huseby (Nov 04)
- Re: htaccess with apache Tim Tompkins (Nov 04)
- Re: htaccess with apache Lucas Holt (Nov 04)
- Re: htaccess with apache A.D.Douma (Nov 05)
- Re: htaccess with apache Tim Greer (Nov 04)
- Re: htaccess with apache Graham Lally (Nov 04)
- Re: htaccess with apache Tim Greer (Nov 04)
- Re: htaccess with apache António Vasconcelos (Nov 05)
- Re: htaccess with apache Tim Greer (Nov 05)
- Re: htaccess with apache António Vasconcelos (Nov 06)
- Re: htaccess with apache Tim Greer (Nov 06)
- Re: htaccess with apache António Vasconcelos (Nov 11)